Homework 5
Due: December 5, 2025
Points: 100
Short Answer
Answer these questions in one or two sentences.
- (10 points) What is a firewall?
- (10 points) In network security, what does the DMZ refer to?.
Longer Answer
You can use more than 1 or 2 sentences to answer these. Remember to write clearly (if you need help, go to the Writing Center on campus) and justify your answers!
- (40 points) Extend the semantics of the information flow security mechanism in Section 17.3.1 to include structures (sometimes called “records”).
- (40 points) Most operating systems define two types of names. A direct alias (name or link) identifies the specific entry in a file allocation table (such as an inode), and an indirect alias is itself a file containing the path name of a second file. When one opens an indirect alias for certain actions (such as reading or writing), the operating system instead opens the file named in the indirect alias. Specific commands operate on the indirect alias itself (as opposed to the file it names).
- Can indirect aliases ever loop; that is, can there exist a chain of indirect aliases i1, …, in such that i1 = in? If so, how would the system detect such loops? What should it do when one is discovered?
- Can a loop with direct aliases occur?
- The text points out the difference between a file name and a file descriptor. How does the introduction of indirect aliases complicate the resolution of an alias to a device number and inode?
- On some systems, a direct alias cannot refer to an inode on a different device. Suppose the system were altered to allow a device number to be included in the alias, so a direct alias could refer to a file on another device. What complications might arise? Do indirect aliases, which can reference files on other devices, have the same complications?
